author | Hugo Landau <hlandau@openssl.org> | 2024-01-11 09:17:43 +0000 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2024-04-19 09:29:02 +0100 |
commit | b90003009678ed12ccc59b6371592ecdd5d8fa2d (patch) | |
tree | 75e8a613198b38ed24067fa93a50284e8103dc98 | |
parent | 99af2fc5c2da0feeaa8e61b7c04d5123eab41453 (diff) |
QUIC APL: Add skeleton listener API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23334)
-rw-r--r-- | include/internal/quic_ssl.h | 1 | ||||
-rw-r--r-- | include/openssl/ssl.h.in | 2 | ||||
-rw-r--r-- | ssl/quic/quic_impl.c | 53 | ||||
-rw-r--r-- | ssl/quic/quic_local.h | 12 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 12 |
5 files changed, 80 insertions, 0 deletions
diff --git a/include/internal/quic_ssl.h b/include/internal/quic_ssl.h
index 5d1b739725..4b8eb83d6f 100644
--- a/include/internal/quic_ssl.h
+++ b/include/internal/quic_ssl.h
@@ -19,6 +19,7 @@ # ifndef OPENSSL_NO_QUIC
 __owur SSL *ossl_quic_new(SSL_CTX *ctx);
+__owur SSL *ossl_quic_new_listener(SSL_CTX *ctx, uint64_t flags);
 __owur int ossl_quic_init(SSL *s);
 void ossl_quic_deinit(SSL *s);
 void ossl_quic_free(SSL *s);
diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in
index 442d5cbc3c..362796e199 100644
--- a/include/openssl/ssl.h.in
+++ b/include/openssl/ssl.h.in
@@ -2283,6 +2283,8 @@ __owur int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
 __owur SSL *SSL_get0_connection(SSL *s);
 __owur int SSL_is_connection(SSL *s);
+__owur SSL *SSL_new_listener(SSL_CTX *ctx, uint64_t flags);
+
 #define SSL_STREAM_TYPE_NONE 0
 #define SSL_STREAM_TYPE_READ (1U << 0)
 #define SSL_STREAM_TYPE_WRITE (1U << 1)
diff --git a/ssl/quic/quic_impl.c b/ssl/quic/quic_impl.c
index 44e28f9e85..10ef61a113 100644
--- a/ssl/quic/quic_impl.c
+++ b/ssl/quic/quic_impl.c
@@ -3935,6 +3935,59 @@ int ossl_quic_get_key_update_type(const SSL *s)
 }
 /*
+ * QUIC Front-End I/O API: Listeners
+ * =================================
+ */
+
+SSL *ossl_quic_new_listener(SSL_CTX *ctx, uint64_t flags)
+{
+ QUIC_LISTENER *ql = NULL;
+ QUIC_ENGINE_ARGS engine_args = {0};
+ QUIC_PORT_ARGS port_args = {0};
+
+#if defined(OPENSSL_THREADS)
+ if ((ql->mutex = ossl_crypto_mutex_new()) == NULL) {
+ QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
+ goto err;
+ }
+#endif
+
+ if ((ql = OPENSSL_zalloc(sizeof(*ql))) == NULL) {
+ QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_CRYPTO_LIB, NULL);
+ goto err;
+ }
+
+ engine_args.libctx = ctx->libctx;
+ engine_args.propq = ctx->propq;
+ engine_args.mutex = ql->mutex;
+ if ((ql->engine = ossl_quic_engine_new(&engine_args)) == NULL) {
+ QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
+ goto err;
+ }
+
+ port_args.channel_ctx = ctx;
+ ql->port = ossl_quic_engine_create_port(ql->engine, &port_args);
+ if (ql->port == NULL) {
+ QUIC_RAISE_NON_NORMAL_ERROR(NULL, ERR_R_INTERNAL_ERROR, NULL);
+ goto err;
+ }
+
+ /* Initialise the QUIC_LISTENER'S object header. */
+ if (!ossl_quic_obj_init(&ql->obj, ctx, SSL_TYPE_QUIC_LISTENER, NULL,
+ ql->engine, ql->port))
+ goto err;
+
+ return &ql->obj.ssl;
+
+err:
+ if (ql != NULL)
+ ossl_quic_engine_free(ql->engine);
+
+ OPENSSL_free(ql);
+ return NULL;
+}
+
+/*
 * QUIC Front-End I/O API: SSL_CTX Management
 * ==========================================
 */
diff --git a/ssl/quic/quic_local.h b/ssl/quic/quic_local.h
index 0fcaf8a142..1bf34f35dc 100644
--- a/ssl/quic/quic_local.h
+++ b/ssl/quic/quic_local.h
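Review bot: With OPENSSL_THREADS defined, `ql->mutex = ossl_crypto_mutex_new()` in ossl_quic_new_listener runs while `ql` is still NULL, because the `OPENSSL_zalloc` block only comes after it, so the first statement of the function writes through a null pointer. The allocation block should be moved above the `#if defined(OPENSSL_THREADS)` block so the mutex is stored into a live object. The `err:` path also releases only the engine: the mutex that the listener owns is never freed, so `ossl_crypto_mutex_free(&ql->mutex);` belongs inside the `if (ql != NULL)` branch, after the engine is freed and under the same `#if`. It also appears that the port returned by `ossl_quic_engine_create_port` stays allocated when `ossl_quic_obj_init` fails, which is worth confirming against the engine's teardown code.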
@@ -257,6 +257,18 @@ struct quic_conn_st {
 struct quic_listener_st {
 /* QUIC_OBJ common header, including SSL object common header. */
 QUIC_OBJ obj;
+
+ /* The QUIC engine representing the QUIC event domain. */
+ QUIC_ENGINE *engine;
+
+ /* The QUIC port representing the QUIC listener and socket. */
+ QUIC_PORT *port;
+
+ /*
+ * The mutex used to synchronise access to the QUIC_ENGINE. We own this but
+ * provide it to the engine.
+ */
+ CRYPTO_MUTEX *mutex;
 };
 /* Internal calls to the QUIC CSM which come from various places. */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a08fc013a3..28aa428521 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -7663,6 +7663,18 @@ int SSL_set_value_uint(SSL *s, uint32_t class_, uint32_t id,
 return 0;
 }
+SSL *SSL_new_listener(SSL_CTX *ctx, uint64_t flags)
+{
+#ifndef OPENSSL_NO_QUIC
+ if (!IS_QUIC_CTX(ctx))
+ return NULL;
+
+ return ossl_quic_new_listener(ctx, flags);
+#else
+ return NULL;
+#endif
+}
+
 int SSL_add_expected_rpk(SSL *s, EVP_PKEY *rpk)
 {
 unsigned char *data = NULL; |
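Review bot: SSL_new_listener returns NULL without placing anything on the error queue, both when the context is not a QUIC context and in the OPENSSL_NO_QUIC build, so a caller cannot tell why the call failed. `ctx` is also handed to `IS_QUIC_CTX` unchecked; the macro's definition is not part of this hunk, but if it reads through `ctx` then a NULL argument crashes at this public entry point, and `if (ctx == NULL || !IS_QUIC_CTX(ctx))` would cover that case. `flags` is forwarded unvalidated and, as far as this commit shows, is never read, so rejecting non-zero values now would keep unknown bits from being silently accepted once flags gain a meaning.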